How does the BB84 protocol work?

BB84 operates in four phases: 1) Quantum transmission: Alice generates random bits and randomly selects one of two polarization bases (rectilinear: 0°/90°, or diagonal: 45°/135°) for each bit. She sends single photons with the corresponding polarization to Bob. 2) Measurement: Bob randomly chooses a basis to measure each photon. When his basis matches Alice's, he gets the correct bit with certainty. When mismatched, he gets a random result. 3) Sifting: Over a public classical channel, Alice and Bob compare which basis they used for each bit (not the bit values). They keep only bits where bases matched (~50% of the total). 4) Privacy amplification: They sacrifice a subset of matched bits to check for errors (QBER). If QBER < 11%, they apply error correction and privacy amplification to produce the final secure key.

Why can eavesdropping be detected?

The security of BB84 rests on quantum mechanics. If an eavesdropper (Eve) intercepts a photon, she must measure it, which collapses the quantum state. Without knowing Alice's basis choice, Eve measures in the wrong basis 50% of the time, introducing errors. If she then sends a replacement photon to Bob, it will carry errors in 25% of the bits where Alice and Bob's bases matched. This elevates the Quantum Bit Error Rate (QBER) above the 11% threshold, revealing Eve's presence. The no-cloning theorem prevents Eve from copying the photon to measure it in both bases simultaneously. This is information-theoretic security: no computational advance (including quantum computers) can break it.

What are the practical limitations of BB84?

Real-world BB84 faces several constraints. Distance: fiber-based QKD is limited to ~100 km due to photon absorption (0.2 dB/km at 1550 nm). Secret key rate drops exponentially with distance: ~1 Mbps at 10 km, ~1 kbps at 100 km, impractical beyond 300 km without quantum repeaters. Detector imperfections: single-photon avalanche diodes (SPADs) have dark count rates (100-1000/s) and afterpulsing that introduce errors. Practical photon sources (weak coherent pulses from attenuated lasers) are imperfect: occasional multi-photon pulses enable photon-number-splitting attacks, mitigated by decoy state protocols. Satellite-based QKD (e.g., Micius, 2017) extends range to 1200+ km using free-space optical links.

Quantum Communications

BB84 Protocol

Q: Why can eavesdropping be detected?

The security of BB84 rests on quantum mechanics. If an eavesdropper (Eve) intercepts a photon, she must measure it, which collapses the quantum state. Without knowing Alice's basis choice, Eve measures in the wrong basis 50% of the time, introducing errors. If she then sends a replacement photon to Bob, it will carry errors in 25% of the bits where Alice and Bob's bases matched. This elevates the Quantum Bit Error Rate (QBER) above the 11% threshold, revealing Eve's presence. The no-cloning theorem prevents Eve from copying the photon to measure it in both bases simultaneously. This is information-theoretic security: no computational advance (including quantum computers) can break it.

Q: What are the practical limitations of BB84?

Real-world BB84 faces several constraints. Distance: fiber-based QKD is limited to ~100 km due to photon absorption (0.2 dB/km at 1550 nm). Secret key rate drops exponentially with distance: ~1 Mbps at 10 km, ~1 kbps at 100 km, impractical beyond 300 km without quantum repeaters. Detector imperfections: single-photon avalanche diodes (SPADs) have dark count rates (100-1000/s) and afterpulsing that introduce errors. Practical photon sources (weak coherent pulses from attenuated lasers) are imperfect: occasional multi-photon pulses enable photon-number-splitting attacks, mitigated by decoy state protocols. Satellite-based QKD (e.g., Micius, 2017) extends range to 1200+ km using free-space optical links.

/bee-bee-AYT-ee-for/

The first quantum key distribution (QKD) protocol, proposed by Bennett and Brassard in 1984. Uses single-photon polarization in two conjugate bases to establish provably secure encryption keys. Eavesdropping introduces detectable errors (QBER >11% threshold) due to the no-cloning theorem. Fiber-based: ~1 Mbps at 10 km, ~1 kbps at 100 km. Satellite QKD extends to 1200+ km. Provides information-theoretic security against any adversary, including quantum computers.

Bases: Rectilinear + Diagonal

QBER threshold: 11%

Fiber range: ~100 km

Understanding BB84

Classical encryption relies on mathematical problems that are computationally hard to solve (RSA, AES). Quantum computing threatens to break these schemes (Shor's algorithm for RSA). BB84 provides an alternative: key distribution whose security is guaranteed by the laws of physics rather than computational assumptions. An eavesdropper cannot intercept quantum information without disturbing it, and this disturbance is detectable.

The protocol uses the fact that measuring a quantum state in the wrong basis yields a random result and irreversibly collapses the original state. By encoding bits in randomly chosen conjugate bases, Alice ensures that any eavesdropper who measures in the wrong basis introduces errors that Alice and Bob can detect during the reconciliation phase.

BB84 Protocol Flow

Encoding (2 bases, 4 states):
Rectilinear (+): 0 → |H⟩, 1 → |V⟩
Diagonal (×): 0 → |+45⟩, 1 → |−45⟩

Sifting Efficiency:
Basis match probability: 50%
Raw key from N photons: ~N/2 bits
After error correction + privacy amp: ~N/4 bits

Key Rate vs. Distance (fiber):
R ≅ f_rep × η_det × 10^−αL/10
α = 0.2 dB/km (1550 nm), f_rep = 1 GHz
10 km: ~1 Mbps; 100 km: ~1 kbps

QKD Protocol Comparison

Protocol	Encoding	States	Key Feature
BB84	Polarization	4 (2 bases)	Original, proven
B92	Polarization	2 (non-orthogonal)	Simplified
E91	Entanglement	Bell pairs	Device-independent
CV-QKD	Quadrature	Continuous	Standard detectors

Common Questions

Frequently Asked Questions

How does BB84 work?

Alice: random bits, random basis (rectilinear/diagonal), sends single photons. Bob: random basis measurement. Sifting: compare bases (public), keep matches (~50%). Error check: QBER <11% = secure. Privacy amplification → final key.

Why is eavesdropping detected?

No-cloning: Eve cannot copy photons. Measuring collapses state. Wrong basis 50%: 25% error rate in sifted key. QBER >11% = abort. Information-theoretic security, unbreakable by any computer.

Practical limits?

Fiber: 0.2 dB/km loss. ~1 Mbps at 10 km, ~1 kbps at 100 km. SPAD dark counts (100 to 1000/s). Multi-photon vulnerability (mitigated by decoy states). Satellite QKD (Micius): 1200+ km free-space.

Related Terms

← Bayonet BBU →

Quantum Communications

Precision Optical/RF Components

RF Essentials provides precision terminations and custom waveguide assemblies for quantum communication test systems and secure key distribution infrastructure.

Request a Quote